Greenbone Cloud Service – Manual

This is the manual for the Greenbone Cloud Service.

The Greenbone Cloud Service is under constant development. This manual attempts to always document the latest version. It is, however, possible that latest functionalities have not been captured in this manual.

Should you have additional notes or error corrections for this manual, contact the Greenbone Enterprise Support.

The copyright for this manual is held by the Greenbone AG. The license information for the feed used by the Greenbone Cloud Service can be found at https://www.greenbone.net/en/license-information/. Greenbone and the Greenbone logo are registered trademarks of the Greenbone AG. Other logos and registered trademarks used within this manual are the property of their respective owners and are used only for explanatory purposes.

Greenbone AG

Neumarkt 12

49074 Osnabrück

Germany

https://www.greenbone.net/en/

• 1 Introduction
  • 1.1 Vulnerability Management
  • 1.2 Greenbone Cloud Service
• 2 Read Before Use
• 3 Guideline for Using the Greenbone Cloud Service
• 4 Getting to Know and Accessing the Platform
  • 4.1 Creating a User Account
  • 4.2 Logging into the Platform
  • 4.3 Structure of the Platform
    • 4.3.1 List Pages
    • 4.3.2 Detail Overlays
  • 4.4 Getting Support
• 5 Configuring the User, Team, and Account Settings
  • 5.1 Changing the Language
  • 5.2 Setting up Notifications
    • 5.2.1 Scan Summaries
    • 5.2.2 Completed Scans
  • 5.3 Changing the Security Settings
    • 5.3.1 Changing the User Password
    • 5.3.2 Setting up a Two-Factor Authentication
  • 5.4 Creating and Managing Teams
    • 5.4.1 Adding Users to a Team
    • 5.4.2 (De)activating Team Members
    • 5.4.3 Changing the Main User
    • 5.4.4 Deleting the Account
  • 5.5 Configuring the Subscription
    • 5.5.1 Changing the Subscription Scope
    • 5.5.2 Terminating the Subscription
  • 5.6 Changing the Billing Information
  • 5.7 Downloading Invoices
  • 5.8 Configuring the Managed-Security Settings
• 6 Scanning a System
  • 6.1 Using the Task Wizard for a Scan
  • 6.2 Configuring a Simple Scan Manually
    • 6.2.1 Creating a Target
      • 6.2.1.1 Creating an External Target
      • 6.2.1.2 Creating an Internal Target
    • 6.2.2 For External Targets: Validating the Hosts
      • 6.2.2.1 Validation by the User as the Owner
      • 6.2.2.2 Validation by the Contact Person or by the vMSP’s Security Team
    • 6.2.3 For Internal Targets: Creating a Gateway
      • 6.2.3.1 Setting up a Gateway
      • 6.2.3.2 Registering the Gateway
    • 6.2.4 Creating a Task
    • 6.2.5 Starting the Task
  • 6.3 Configuring an Authenticated Scan Using Local Security Checks
    • 6.3.1 Advantages and Disadvantages of Authenticated Scans
    • 6.3.2 Using Credentials
      • 6.3.2.1 Creating Credentials
      • 6.3.2.2 Managing Credentials
    • 6.3.3 Requirements on Target Systems with Microsoft Windows
      • 6.3.3.1 General Notes on the Configuration
      • 6.3.3.2 Configuring a Domain Account for Authenticated Scans
      • 6.3.3.3 Restrictions
      • 6.3.3.4 Scanning Without Domain Administrator and Local Administrator Permissions
    • 6.3.4 Requirements on Target Systems with Linux/Unix
    • 6.3.5 Requirements on Target Systems with ESXi
    • 6.3.6 Requirements on Target Systems with Cisco OS
  • 6.4 Performing a Scheduled Scan
    • 6.4.1 Creating a Schedule
    • 6.4.2 Managing Schedules
  • 6.5 Managing Targets
  • 6.6 Managing Gateways
    • 6.6.1 Page Gateways
    • 6.6.2 Gateway Administration Menu (CLI)
    • 6.6.3 Gateway Web Interface
  • 6.7 Managing Tasks
    • 6.7.1 Page Scan Management
    • 6.7.2 Page Scan Configuration
  • 6.8 Scan Configurations
  • 6.9 Port Lists
  • 6.10 Using Notifications
  • 6.11 Obstacles While Scanning
    • 6.11.1 Hosts not Found
    • 6.11.2 Long Scan Periods
• 7 Reports and Vulnerability Management
  • 7.1 Reading a Report
    • 7.1.1 Interpreting a Report
    • 7.1.2 Quality of Detection Concept
  • 7.2 Results of a Report
    • 7.2.1 Dashboard
    • 7.2.2 Grid Overview
    • 7.2.3 Table Overview
      • 7.2.3.1 “Overview” Table
      • 7.2.3.2 “Host” Table
      • 7.2.3.3 “Vulnerability” Table
  • 7.3 Filtering a Report
  • 7.4 Exporting a Report
  • 7.5 Notifications for Reports
• 8 Frequently Asked Questions
  • 8.1 Which Firewall Access Rules Are Necessary for the Communication Between the Greenbone Scan Cluster (GSC) and the VPN Gateway?
  • 8.2 Which Firewall Access Rules Are Necessary for the Communication Between the Greenbone Scan Cluster (GSC) and External Targets?
  • 8.3 Which Technology Is Used for the VPN Connection?
  • 8.4 What Has to Be Done if MAC-NAT Does Not Work?
  • 8.5 What Happens to the User Account When the Subscription Ends?
  • 8.6 Why is the Scanning Process so Slow?
  • 8.7 Why Do the Results for the Same Target Differ across Several Consecutive Scans?
  • 8.8 Why Does a VNC Dialog Appear on the Scanned Target System?
  • 8.9 Why Does the Scan Trigger Alarms on Other Security Tools?
• 9 Glossary
  • 9.1 CERT-Bund Advisory
  • 9.2 CPE
  • 9.3 CVE
  • 9.4 CVSS
  • 9.5 DFN-CERT Advisory
  • 9.6 Greenbone Enterprise Feed
  • 9.7 Host
  • 9.8 Vulnerability Test (VT)
  • 9.9 OVAL Definition
  • 9.10 Port List
  • 9.11 Quality of Detection (QoD)
  • 9.12 Report
  • 9.13 Result
  • 9.14 Scan
  • 9.15 Scanner
  • 9.16 Scan Configuration
  • 9.17 Schedule
  • 9.18 Severity
  • 9.19 Solution Type
  • 9.20 Target
  • 9.21 Task

Indices

• Index

• Search Page